RSA: Fake AV Companies Making More Money than Security Vendors

While Bustamante concedes that law enforcement around information security has improved somewhat, he argues that it is still a slow, long fight when it comes to arresting the offenders. The main reason for this, he insists, is the “international problem”.

The different laws across geographies make it near-impossible to arrest non-US citizens. “The FBI and government are unable to bring legal action against non-Americans targeting US citizens unless their country allows an extradition. It is very frustrating for both the public sector and security professionals that international laws are not holding them responsible”. As long as international cybercriminals don’t step foot in the US, they will never serve jail time, says Panda Security’s Bustamante.

“Cybercriminals are getting increasingly good at staying under the radar. They do this by creating a huge amount of smaller botnets.”

US hackers, on the other hand, don’t have it quite as easy, he explains. “The FBI do really good work catching US hackers. They are good at it and do it quickly”.

Crime Does Pay

One of the biggest threats keeping anti-virus vendors like Panda awake at night is the increasingly malicious threat of rogue anti-virus. “What really worries me”, admits Bustamante, “is that often, these companies are actually making more money through fake anti-virus products than security companies do with the real deal”.

“The rogue anti-virus hackers are using some valid, legal anti-virus code – which appears to detect vulnerabilities that don’t exist – and are applying for certification.” To protect themselves from being on the receiving end of such rogue AV, end users should always check for “testing certifications” when choosing their virus protection. They should still use caution and do their research though, says Bustamante, who explains that often copied logos will be falsely displayed on the rogueware sites.

More to Come

For 2011, Bustamante predicts more of the same, and even worse. “I don’t like to do the security vendor thing and promote fear, uncertainty and doubt, and I don’t really need to because the proof is there.” Banking Trojans, he predicts, will become more silent and more dangerous.

To counteract the increasing amount of cybercrime, the security industry will take steps to improve defenses. The Panda analyst uses the newly announced Microsoft quarantine initiative as an example. “I have very serious doubts about this though”, he admits.

While Bustamante admits that the information security industry will remain one step behind the ‘bad guys’, he does acknowledge that to stay in the game at all, it is essential to keep innovating. “You have to innovate every day or you die”.